Skip to content

The digital transformation of unified communications: Protecting against IRSF

April 21, 2022

Telesign Team
A group of connected cloud systems digitally.

Whether it’s speed, simplicity, or cost savings, more and more businesses are digitally transforming their communications operations. Today, two out of three organizations are moving significant portions of their communications solutions to the cloud.  

As digital transformation continues to accelerate, cloud communications are critical to the success of modern-day business. In fact, 85% of the world’s leading companies feel that APIs that extend business communications for both employees and customers are crucial to business growth.  

But, while the business optimization benefits of cloud-first communications are propelling growth, that digital shift increases the number of opportunities for scammers, making fraud targeted at Unified Communications as a Service (UCaaS) and Contact Center as a Service (CCaaS) platforms even more lucrative.

Fraud in the world of UCaaS and CCaaS

International Revenue Share Fraud (IRSF) is one of the most menacing types of communications fraud plaguing the telecom industry. Bad actors will typically exploit a company’s customer support offerings (i.e., automated callbacks and voice one-time passcodes) to inflate artificial traffic. Fraudsters push through thousands of calls using expensive premium-rate numbers and leave the company and/or UCaaS/CCaaS provider with a costly bill.  

Oracle reports that robocalls and phishing are the top two threats to real-time communications applications. The same study found that for more than 30% of companies, over 10% of their calls to a contact center were fraudulent an astonishingly high number.

Here are a few tactics used by fraudsters in an IRSF attack:

  • Scripted and botnet attacks: Fraudsters use nefarious bots and online scripts to create new accounts in bulk, which triggers OTP voice calls, and exploit automated callback features to artificially pump outbound call traffic. These tactics can be deployed in seconds and force tens and thousands of calls to premium rate numbers.
  • Cloud PBX hacking: Fraudsters assess cloud PBX systems for security vulnerabilities – looking for open ports, carrying out brute force attacks, or conducting social engineering schemes. Once a fraudster gains access, they begin placing thousands of outbound calls to the premium rate numbers ranges they acquired.
  • Callback fraud: Also known as Wangiri Fraud, is where a telephone scammer calls an individual and hangs up in hopes of the individual calling back. The scammer will typically call from an international toll number, which will appear as a significant charge on the victim’s phone bill, while the scammer pockets most of the money.

How Telesign can help

Arming your communications platform with the right technology is the key to preventing IRSF attacks and financial losses. Telesign’s Intelligence is a powerful API that delivers a near real-time risk assessment before any inbound or outbound call is placed.

Using advanced machine learning that evaluates global traffic patterns, phone data attributes, and the world’s largest fraud database, Intelligence delivers comprehensive phone number intelligence to protect you against fraud.

From robocalls to IRSF, Telesign’s Intelligence offers a holistic detection and prevention against communications fraud. For example, Telesign helps Skype screen and block spam and fraudulent calls. In fact, Skype sees roughly two million calls per day and 100,000 calls per hour at peak. Telesign analyzes these phone numbers and helps Skype block one million unwanted calls, or 50% of Skype’s overall virtual phone number inbound traffic.

IRSF is a sneaky, quiet tactic that goes unnoticed until the financial losses grow too large to tame. Intelligence’s dynamic range of data points are proven to be invaluable in identifying and preventing IRSF before it’s too late.

At risk of IRSF losses? Telesign can help. Let’s talk.